On Wed, Mar 27, 2002 at 11:15:51AM +0100, Gerd Schering wrote:
> I have the following problem:
> I want to sign a request which contains as CN a string like
> CN=SomeTest@SomeTeam@[EMAIL PROTECTED]
>
>
> When trying to sign the csr, i get:
>
> Check that the request matches the signature
> Signature ok
> The Subjects Distinguished Name is as follows
> [...]
> commonName :PRINTABLE:'
> The string contains characters that are illegal for the ASN.1 type
> unable to load certificate
>
>
> The csr was NOT generated with openssl.
> When I generate a csr with openssl containing a CN like
> CN=gerd@home@berlin@tu
> no problem when signing it:
>
> [...]
> commonName :T61STRING:'gerd@home@berlin@tu'
> Certificate is to be certified until Mar 27 09:42:31 2003 GMT (365 days)
> Sign the certificate? [y/n]:y
>
> But now the string is recognized not as PRINTABLE but as T61STRING.
>
>
> Could someone please give me hint, what happened?
On the risk of pointing out the obvious: the type of data should be
part of the ASN1 coding, so it is the request that does say "PRINTABLE"
but does contain non-printable data within the request, thus the
request is incorrect. Seems you have to complain to the vendor shipping
the request generating software...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
